A hacker dumped 900GB of hacking tools and data used by Cellebrite. The cache of data is on Pastebin, for now, at least. Cellebrite is an Israeli security company that came to public prominence when the FBI used its services to hack into the San Bernardino shooter’s iPhone.
Me Fed? No, UFED
Motherboard reported that the main tool used by Cellebrite, the so-called Universal Forensic Extraction Device (UFED), comes in the form of a device around the size of a laptop. It can extract SMS messages, emails and other data from thousands of smartphone models. This means that whoever uses it needs to have physical access to the smartphone.
Only software tools were released by the hacker, but those alone should be useful to Apple, Google, and BlackBerry, makers of the devices affected by these particular tools. Of course, they can also be put together by state and criminal actors looking to develop their own cracking tools. All that said, many of the exploits used in these tools have already been cracked, and they were most useful against older devices.
The hacker, whose name is unknown, says they took the hacking tools from a remote server controlled by Cellebrite. The files were encrypted, but the hacker made short work of decrypting them.
In a chat, the hacker told Motherboard,
“The debate around backdoors is not going to go away, rather, it is almost certainly going to get more intense as we lurch toward a more authoritarian society… It’s important to demonstrate that when you create these tools, they will make it out. History should make that clear.”
Jailbreaking
Forensic scientist Jonathan Zdziarski noted that the hacking tools are “nearly identical” to ones that iOS jailbreakers use. The data is similar to jailbreaking tools QuickPwn and limera1n.
A Cellebrite spokesperson reached out to Motherboard to say that the tools are part of the distribution package of its tool and are available to its customers, and that the package doesn’t contain source code.